PRISM, Xbox One Kinect, Privacy and Semantics

It’s interesting that at one time getting people to keep quiet was a priority for the government. During World War II the government promoted a major advertising campaign to remind people that “loose lips sink ships.” During war time (back when wars were temporary affairs), it was standard practice to suppress the flow of information and censor personal letters to ensure that useful information would not fall into enemy hands. In a sense, privacy and national security were one.

Recent leaks about the NSA’s PRISM program suggest that things have dramatically changed. We’ve realized for several years now that our cell phone service providers, our social networks, and our search engines are constantly tracking our physical and digital movements and mining that data for marketing. We basically have traded our privacy for convenience in the same way that we accept ads on TV and on the Internet in exchange for free content.

The dark side of all this shows up when that information is passed along to third parties we didn’t even know existed until junk mail for products we have no interest in starts arriving in our inboxes.

What we only suspected, until now, was that the infrastructure built to support these trades of personal information for services was also of interest to our government, and that we are sharing our identifying information not only with content providers, service providers, spammers and junk mailers but also with the United States security apparatus. Now that all that information has been collected, the government wants to mine it too.

We don’t live in a police state today. I belong to neither the far right wing nor the far left wing – I’m neither an occupier nor a tea partay kind of guy – so I also don’t believe we are anywhere close to slipping into a police state in the near future. I’m not concerned that the government will now or ever use this information to track me down, and I am pretty confident that all this data mining will mainly be used to track down terrorists and to send me unwanted emails. And yet, it bugs me on a visceral level that people are going through my stuff, whatever that ethereal stuff actually is.

The main argument against this cooties feeling about my privacy is that only metadata is being inspected and not actual content. Unfortunately, this seems like a porous boundary to me. To paraphrase Hegel’s overarching criticism of Kant, whenever we draw a line we also necessarily have to cross over it at the same time. From everything I know about software, the only way to gather metadata is to inspect the content in order to generate metadata about it. (Billing-style records such as the numbers dialed and the duration of a call are produced by the carrier’s switches without ever touching the audio, but anything derived from what was actually said cannot be.) For instance, when a government computer system listens to phone traffic in order to pick out key words and constellations of words, it still has to listen to all the other words first in order to pick out what it is interested in.

Moreover, according to Slate, the data mining being done by PRISM is incredibly broad:

It appears the National Security Agency’s sweeping surveillance is not something only Verizon customers should be concerned about. The agency has also reportedly obtained access to the central servers of major U.S. Internet companies as part of a secret program that involves the monitoring of emails, file transfers, photos, videos, chats, and even live surveillance of search terms.

The semantics of Privacy today, as defined under the regime of the NSA, doesn’t mean no one is listening to what you are saying – it just means no one cares. The best way to protect one’s privacy today is to simply be boring.

At the same time that all these revelations about PRISM were coming out (in fact on the very same day), Microsoft released a brief about privacy concerns around the new Xbox One’s Kinect peripheral. Here’s an attempted explanation of the brief on Windows Phone Central I found particularly fascinating:

A lot of people feared that the Kinect would be able to listen to you when the Xbox One was off. Apparently, when off, the Xbox One is only listening for one command in its low-power state: “Xbox On”. It’s nice to know that you’re in control when the Kinect is on, off or paused. Some games though will require Kinect functionality (again, at the discretion of the game developers/publisher). That’s up to you to play or not play those games.

The author’s reassurance is based on a semantic sleight-of-hand. The Kinect is not listening to you, according to the author, because it “is only listening for one command.” This is an honest mistake, but a dangerous one. In fact, in order to listen for one command, the Kinect has to have its microphone turned on and listening to everything anyone is saying. What it is actually doing is only acting on one command – and hopefully throwing away everything else. Additionally, I do have a bit of experience with Microsoft’s speech recognition technology both on the Kinect and on the PC, and the “low-power state” modifier doesn’t particularly make sense. It takes a similar amount of effort to identify insignificant data as it does to identify significant data, AFAIK. (There’s always the possibility that the Xbox Kinect has an on-board language processor just to listen for this one command that is separate from the rest of its speech recognition processing chain – but I haven’t heard about anything like that so far.)

The original Microsoft brief called Privacy by Design, upon which I assume the Windows Phone Central post is based, doesn’t play this particular semantic game – though it plays another. At the same time, it also seems particularly and intentionally vague about certain points.

The semantic game in Microsoft’s Privacy post is around the term ‘design’. Does design here refer to the hardware design, the software architecture, the usability design or the marketing campaign? ‘Design’ encompasses all of these, and in the linked article ‘privacy by design’ could refer to any of them. If it refers to the marketing campaign and UX, as it probably does, this doesn’t actually provide me any guarantees of privacy. All it tells me is that Microsoft doesn’t initially intend to use the new Kinect sitting in my living room to collect random conversations. ‘Design’ may refer to the initial software architecture, but this doesn’t provide us with any particular guarantees either, since any post-release software update can change the way the software works.

To put this another way, the article describes Microsoft’s intent but doesn’t provide any guarantees. Is there anything in the hardware that will prevent speech data from being mined in the future? Probably not. In that case, is there anything in the licensing that prevents Microsoft from mining this data? Microsoft’s privacy brief doesn’t even touch on this.
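To make the two points above concrete – that a device which “only listens for one command” still has to run every sound through its recogniser, and that whether the rest is thrown away or kept is a software policy rather than anything in the hardware – here is an added toy example. It is not Microsoft’s code and does not describe how the Kinect actually works. The “frames” are words a speech recogniser has already transcribed, standing in for chunks of microphone audio; the transcript, the `WAKE_PHRASE` and the `retain_audio` policy flag are all constructed for the illustration.

```python
"""Added example, not from the original post: a toy wake-word listener.

A frame is a word a recogniser has already transcribed, standing in for a
chunk of microphone audio (constructed input, not real audio).
"""
from collections import deque
from dataclasses import dataclass, field

# Hypothetical command phrase; the real phrase and matching logic are not
# described in the post.
WAKE_PHRASE = ("xbox", "on")


@dataclass
class WakeWordListener:
    """Acts on one command, but every frame still passes through the matcher."""
    retain_audio: bool = False   # policy knob; the listening loop itself never changes
    frames_heard: int = 0        # everything the microphone delivered
    triggers: int = 0            # how often the one command was acted on
    retained: list = field(default_factory=list)  # what survives after matching
    _window: deque = field(
        default_factory=lambda: deque(maxlen=len(WAKE_PHRASE)), init=False, repr=False
    )

    def feed(self, frame: str) -> bool:
        """Return True if this frame completed the wake phrase."""
        word = frame.strip().lower()
        self.frames_heard += 1       # counted before we know whether it matters
        if self.retain_audio:        # same loop, different disposition of the data
            self.retained.append(word)
        self._window.append(word)    # sliding window over the last few words
        if tuple(self._window) == WAKE_PHRASE:
            self.triggers += 1
            self._window.clear()     # do not re-trigger on the same words
            return True
        return False


def run(stream, retain_audio=False):
    """Feed a whole transcript through a listener and return it for inspection."""
    listener = WakeWordListener(retain_audio=retain_audio)
    for frame in stream:
        listener.feed(frame)
    return listener


# Constructed living-room transcript; only "xbox on" is the command.
LIVING_ROOM = ["did", "you", "pay", "the", "electric", "bill",
               "xbox", "on", "finally", "xbox", "off"]

if __name__ == "__main__":
    discard = run(LIVING_ROOM)
    keep = run(LIVING_ROOM, retain_audio=True)
    print(f"frames heard: {discard.frames_heard}, commands acted on: {discard.triggers}")
    print(f"retained under the discard policy: {discard.retained}")
    print(f"retained after a policy flip: {keep.retained}")
```

Both runs hear all eleven frames and act on exactly one command; the only difference between an empty `retained` list and a full transcript is the value of a flag that nothing in the hardware pins down. That is the gap between stating an intent and providing a guarantee.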

So should you be concerned? Totally – and here’s why. In its pursuit of security, the NSA has instituted an infrastructure that performs better and better the more information it is fed. Do terrorists play Xbox? I have no idea. Would the NSA want all that data anyway?

Hypothetically, the new Xbox One and the Kinect can collect this information on us. Here’s how. According to recent Microsoft announcements, the Xbox One must be connected to the Internet once every 24 hours in order to play games on it. The new Kinect is designed to always be on and I am obligated to have it (I can’t buy an Xbox One without it). Even when my Xbox One is off, my Kinect is still on, listening for a command to turn it on. The infrastructure is there and the NSA’s PRISM project is a monster that is hungry for it.

To be clear, I don’t think Microsoft is particularly interested in collecting this data. Microsoft has no particular use for the typically rather boring conversations I have in my living room. They won’t be gleaning any particularly useful marketing information from my conversations either.

Nevertheless, I think it would be extremely forward looking of Microsoft to explain what they have put in place to prevent the government from ever issuing a request for this data and getting it the way they have already gotten other data, so far, from Verizon, AT&T, Microsoft, Yahoo, Google, Facebook, AOL, Skype, YouTube, and Apple.

Has Microsoft designed a mechanism, either through hardware or through a customer agreement they won’t/can’t rescind in the future, that will future proof my privacy?